Disallow LOAD to non-superusers. Per report from John Heasman.

author Tom Lane

Mon, 24 Jan 2005 17:46:16 +0000 (17:46 +0000)

committer Tom Lane

Mon, 24 Jan 2005 17:46:16 +0000 (17:46 +0000)
author Tom Lane
Mon, 24 Jan 2005 17:46:16 +0000 (17:46 +0000)
committer Tom Lane
Mon, 24 Jan 2005 17:46:16 +0000 (17:46 +0000)
diff --git a/src/backend/tcop/utility.c b/src/backend/tcop/utility.c

index 11fa2fc52d9f71e97de6c12ac42f10ab2bfe2aa3..81d557c54ed07e4dce8dbac59ac40b23a921b7eb 100644 (file)
--- a/src/backend/tcop/utility.c
+++ b/src/backend/tcop/utility.c
@@ -10,7 +10,7 @@
   *
   *
   * IDENTIFICATION
- *   $PostgreSQL: pgsql/src/backend/tcop/utility.c,v 1.231 2004/12/31 22:01:16 pgsql Exp $
+ *   $PostgreSQL: pgsql/src/backend/tcop/utility.c,v 1.232 2005/01/24 17:46:16 tgl Exp $
   *
   *-------------------------------------------------------------------------
   */
@@ -803,6 +803,10 @@ ProcessUtility(Node *parsetree,
             {
                 LoadStmt   *stmt = (LoadStmt *) parsetree;
  
+               if (!superuser())
+                   ereport(ERROR,
+                           (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
+                            errmsg("must be superuser to do LOAD")));
                 closeAllVfds(); /* probably not necessary... */
                 load_file(stmt->filename);
             }